Alarming WordPress Security Vulnerabilities
beNi released 3 alarming vulnerabilities in the popular WordPress blog platform
- Cross Site Scripting - it didn’t work for me
- Forced Redirect - it worked for me
- Directory Traversal - n /a
Due to the really huge install base, I really hope that the folks at wordpress.org issue a patch quickly to address these vulnerabilities. Update : It sems that the site hosting the proof of concept exploits is down for maintenance.(thanks leion)
If you enjoyed this post, make sure you subscribe to my RSS feed!
Thank you for reading this post. You can now Read Comment (1) or Leave A Trackback.
Post Info
This entry was posted on Sunday, February 11th, 2007 and is filed under Web Applications.You can follow any responses to this entry through the Comments Feed. You can Leave A Comment, or A Trackback.
Previous Post: How to Turn Firefox Into an Attack Webserver »
Next Post: Here is the definitive fix for Universal PDF XSS Vulnerability »
Read More
Related Reading:
Latest Posts:
- Gemalto - Security To Be Free
- Free alternative to ArcSight ESM ? Hardly..
- Privacy Dilemma: How to Protect Yourself Online
- Solera Networks Deep-Packet Capture Review
- WordPress Exploit Scanner
- Phishing Exposed, Brands Secured
- Scanners: New Nessus Release; New eEye Web Scanner
- Good News from ArcSight and Imperva
- CCTV Security Camera and Surveillance Equipment
- OpenDNS Offers Free Web Content Filtering
February 17th, 2007 01:27
All the links gave 404 error..